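def test_validate_uri(self):
    """Check that validate_uri() matches the "uri" parameter to the request.

    The request is built with SCRIPT_NAME="/my" and PATH_INFO="/page".  The
    test pins that the "uri" parameter is accepted in path-only and absolute
    form, and that a query string in "uri" must equal the request's
    QUERY_STRING.
    """
    request = make_request(SCRIPT_NAME="/my", PATH_INFO="/page")
    params = dict(scheme="SRP-HMAC",
                  realm="testrealm",
                  username="******",
                  nonce="abcdef",
                  response="123456",
                  ckey="abcdef",
                  uri="/my/page",
                  cnonce="98765",
                  nc="0001",
                  algorithm="SRP-1024-SHA1")
    # assertTrue/assertFalse replace failUnless/failIf, which are deprecated
    # unittest aliases that Python 3.12 removed.
    # They should be valid as-is.
    self.assertTrue(validate_uri(request, params))
    # Using full URI still works
    params["uri"] = "http://localhost/my/page"
    self.assertTrue(validate_uri(request, params))
    # Check that query-string is taken into account.
    # If it were ignored, parameters issued for one URI would presumably be
    # accepted for the same path with different query arguments.
    params["uri"] = "http://localhost/my/page?test=one"
    # No QUERY_STRING on the request yet: must not match.
    self.assertFalse(validate_uri(request, params))
    # A different query string must not match either.
    request.environ["QUERY_STRING"] = "test=two"
    self.assertFalse(validate_uri(request, params))
    request.environ["QUERY_STRING"] = "test=one"
    self.assertTrue(validate_uri(request, params))
    params["uri"] = "/my/page?test=one"
    self.assertTrue(validate_uri(request, params))
    # TODO(review): no case here covers a "uri" whose path differs from the
    # request path; consider adding one once the expected result is confirmed.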
    def _get_auth_params(self, request):
        """Return the request's srp-hmac-auth parameters, or None if unusable.

        The raw parameters come from self._get_unvalidated_auth_params() and
        are returned only after three checks pass, in this order:
        validate_parameters() against self.realm, validate_uri() against the
        request, and validate_nonce() against self.nonce_manager.  None is
        returned when the parameters are absent or when any check fails.

        A nonce failure additionally sets request.environ[_ENVKEY_STALE_NONCE]
        so that the challenge can report the request as stale.
        """
        raw = self._get_unvalidated_auth_params(request)
        if raw is None:
            return None
        # Reject malformed parameters first, then parameters whose "uri" does
        # not match this request.  `and` keeps that order and skips the URI
        # check when the parameters are already invalid.
        well_formed = validate_parameters(raw, self.realm)
        if not (well_formed and validate_uri(request, raw)):
            return None
        if validate_nonce(self.nonce_manager, request, raw):
            return raw
        # The nonce was rejected: record that on the request so the challenge
        # can tell the client the request looked stale.
        # NOTE(review): no call in this method visibly verifies the client's
        # "response" value (unless validate_parameters does; confirm), so the
        # flag may be set for requests that were never proven authentic.
        request.environ[_ENVKEY_STALE_NONCE] = True
        return None
コード例 #3
    def _get_auth_params(self, request):
        """Fetch and validate the srp-hmac-auth parameters of a request.

        Starts from self._get_unvalidated_auth_params(request) and returns
        that dict only if validate_parameters() (against self.realm),
        validate_uri() and validate_nonce() (against self.nonce_manager) all
        accept it.  Returns None when there are no parameters or when any of
        those checks fails.

        When only the nonce check fails, request.environ[_ENVKEY_STALE_NONCE]
        is set to True so the challenge can include that information.
        """
        params = self._get_unvalidated_auth_params(request)
        # Short-circuit evaluation preserves the check order: presence, then
        # parameter validity, then that the "uri" matches this request.
        if (params is not None
                and validate_parameters(params, self.realm)
                and validate_uri(request, params)):
            if validate_nonce(self.nonce_manager, request, params):
                return params
            # Everything but the nonce was accepted; mark the request stale.
            # NOTE(review): the "response" value is not visibly verified in
            # this method, so confirm the challenge code does not treat this
            # flag as evidence that the client held valid credentials.
            request.environ[_ENVKEY_STALE_NONCE] = True
        return None
コード例 #4
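 def test_validate_uri(self):
     """Check that validate_uri() matches the "uri" parameter to the request.

     With SCRIPT_NAME="/my" and PATH_INFO="/page", the "uri" parameter is
     expected to pass in path-only or absolute form, and any query string
     in it has to equal the request's QUERY_STRING.
     """
     request = make_request(SCRIPT_NAME="/my", PATH_INFO="/page")
     params = dict(scheme="SRP-HMAC", realm="testrealm", username="******",
                   nonce="abcdef", response="123456", ckey="abcdef",
                   uri="/my/page", cnonce="98765", nc="0001",
                   algorithm="SRP-1024-SHA1")
     # failUnless/failIf are deprecated unittest aliases removed in
     # Python 3.12; assertTrue/assertFalse are the supported spellings.
     # They should be valid as-is.
     self.assertTrue(validate_uri(request, params))
     # Using full URI still works
     params["uri"] = "http://localhost/my/page"
     self.assertTrue(validate_uri(request, params))
     # Check that query-string is taken into account.
     # Ignoring it would presumably let parameters issued for one URI be
     # accepted for the same path with different query arguments.
     params["uri"] = "http://localhost/my/page?test=one"
     # The request has no QUERY_STRING yet, so this must be rejected.
     self.assertFalse(validate_uri(request, params))
     # A mismatching query string must be rejected as well.
     request.environ["QUERY_STRING"] = "test=two"
     self.assertFalse(validate_uri(request, params))
     request.environ["QUERY_STRING"] = "test=one"
     self.assertTrue(validate_uri(request, params))
     params["uri"] = "/my/page?test=one"
     self.assertTrue(validate_uri(request, params))
     # TODO(review): a "uri" with a different path than the request is not
     # exercised here; add that case once the expected result is confirmed.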